A method for supporting a 6to4 tunneling protocol across a network address translation mechanism. The method comprises the steps of receiving an outbound IPv6 packet encapsulated into an IPv4 packet, translating the private IPv4 source address in the IPv4 header of the outbound packet into a public IPv4 source address, transmitting the translated packet over the IPv4 network; and is characterized in that it further comprises the step of storing an association of the private IPv4 address and the Interface ID value of the 6to4 source address for opposite address translation of inbound packets. A corresponding device is also claimed.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method for supporting a 6to4 tunneling protocol across a network address translation mechanism comprising the steps of: receiving from a first host located on a first network an outbound IPv6 packet encapsulated into an IPv4 packet, the IPv4 packet comprising a IPv4 header with a private IPv4 source address of the first host, the outbound IPv6 packet comprising a IPv6 header with a 6to4 source address, the IPv6 header comprising an Interface ID value, the Interface ID value being a multiplexing identifier that is a unique identifier associated with the first host; translating the private IPv4 source address in the IPv4 header into a public IPv4 source address, transmitting the translated packet over an IPv4 network to a remote host; storing an association between the private IPv4 source address and the Interface ID value of the 6to4 source address for opposite address translation of inbound packets returned by the remote host by deriving the multiplexing identifier from the outbound IPv4 packet; and further comprising the step of: changing the private IPv4 address of the 6to4 source address in the IPv6 header of an outbound packet to the public IPv4 address; and changing the public IPv4 address of the 6to4 destination address of an inbound packet to a corresponding private IPv4 address.
A method to enable 6to4 IPv6 tunneling across a network using Network Address Translation (NAT). It involves receiving an IPv6 packet (containing a 6to4 source address with a unique Interface ID) encapsulated within an IPv4 packet (having a private IPv4 source address). The private IPv4 address is translated to a public IPv4 address for transmission over the IPv4 network. To handle return traffic, the method stores the association between the private IPv4 address and the Interface ID. Further, the private IPv4 address part of the 6to4 source address within the IPv6 header is changed to the public IPv4 address, and for inbound packets, the public IPv4 address part of the 6to4 destination address is changed back to the corresponding private IPv4 address.
2. The method according to claim 1, further comprising the steps of: receiving an inbound packet over the IPv4 network; determining whether the inbound packet encapsulates an IPv6 packet; in the affirmative, retrieving the Interface ID of an encapsulated IPv6 packet's destination address, and using the Interface ID to retrieve a corresponding stored private IPv4 address, and updating the destination address in the IPv4 header accordingly; forwarding the modified, encapsulated IPv6 packet on the first network.
Building upon the 6to4 tunneling method involving NAT, this addition describes handling inbound IPv4 packets that encapsulate IPv6 packets. When an inbound packet is received, the system checks if it encapsulates an IPv6 packet. If so, it retrieves the Interface ID from the IPv6 destination address. Using this Interface ID, it looks up the corresponding stored private IPv4 address. The IPv4 header's destination address is then updated with this retrieved private IPv4 address. Finally, the modified IPv4 packet (still encapsulating the IPv6 packet) is forwarded on the internal network. This facilitates return communication to the correct internal host.
3. The method according to claim 2, wherein the step of storing the association of the Interface ID and a source address of the encapsulated IPv6 packets of the first network and the step of modifying the destination address of inbound packets or the source address of outbound packets as a function of the Interface ID is carried out by an application level gateway assisting the network address translation mechanism.
The 6to4 tunneling method with NAT enhancement uses an Application Level Gateway (ALG) to assist with address translation. Specifically, the ALG handles storing the association between the Interface ID and the source address of encapsulated IPv6 packets originating from the internal network. The ALG also modifies the destination address of inbound IPv4 packets (that encapsulate IPv6 packets) or the source address of outbound IPv4 packets (that encapsulate IPv6 packets) based on the Interface ID. This offloads the complexity of managing these associations and address modifications from the core NAT mechanism.
4. The method according to claim 1, comprising the step of modifying fields at least of the IPv4 header, such as checksums, whose values depend on the 6to4 source address.
In the 6to4 tunneling method with NAT, the process also includes modifying IPv4 header fields (such as checksums) whose values are dependent on the translated 6to4 source address. This ensures the integrity of the IPv4 packet after the source address is translated from a private to a public address (or vice versa). The checksums, and potentially other header fields, are recalculated to reflect the new address information, preventing packet corruption and ensuring proper routing.
5. The method according to claim 1, wherein the step of changing the IPv4 part of the 6to4 address are carried out by an application level gateway assisting the network address translation mechanism.
In the 6to4 tunneling method with NAT, the process of changing the IPv4 address portion of the 6to4 address is carried out by an Application Level Gateway (ALG). This ALG assists the NAT mechanism by specifically handling the replacement of the private IPv4 address within the 6to4 source address with the public IPv4 address during outbound traffic and vice versa for inbound traffic. This isolates the address manipulation from the core NAT functionality, simplifying the overall implementation.
6. A device for supporting a 6to4 tunneling protocol across a network address translation mechanism, comprising: a network address translation mechanism for changing a private source address of an outbound IPv4 packet encapsulating an IPv6 packet into a public IPv4 source address; further comprising an application for storing, for each outbound packet received from a host of an IPv6 network, an association between the private IPv4 addresses and an Interface ID value included in a 6to4 source address of a host, the Interface ID being a multiplexing identifier that is a unique identifier associated with the host and derived from each outbound packet, and for updating a 6to4 destination address of an inbound packet with a stored private IPv4 address having same Interface ID as the 6to4 destination address; and wherein the application is further adapted to carry out additional processing of an outbound packet, wherein the additional processing comprises replacing the private IPv4 address part of an 6to4 source address of an outbound packet with the device's public IPv4 address.
A device that supports 6to4 tunneling across a NAT network has a standard NAT mechanism that translates the private IPv4 source address of outbound IPv4 packets (encapsulating IPv6 packets) to a public IPv4 source address. Additionally, it includes an application that stores an association between the private IPv4 address and the Interface ID found in the 6to4 source address of each outbound packet. The Interface ID is a unique identifier for each internal host. This application uses the Interface ID from inbound packets to update the 6to4 destination address with the corresponding private IPv4 address. This application also replaces the private IPv4 address part of the 6to4 source address of an outbound packet with the device's public IPv4 address.
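The translation described in claims 1, 2 and 6, as an added example that is not code from the patent: a hypothetical SixToFourAlg class keeps the Interface ID to private IPv4 table and rewrites the IPv4 part of the 6to4 address in both directions. Packets are modelled as address tuples only, the addresses are constructed sample values, and dropping unmatched inbound packets is an assumption of this example.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.IPv6Network("2002::/16")
V4_SHIFT = 80                      # 2002:V4ADDR::/48 -> IPv4 sits in bits 111..80
IID_MASK = (1 << 64) - 1           # Interface ID is the low 64 bits

def split_6to4(addr):
    """Return (embedded IPv4 address, Interface ID) of a 6to4 address."""
    a = ipaddress.IPv6Address(addr)
    if a not in SIX_TO_FOUR:
        raise ValueError(f"{a} is not a 6to4 address")
    n = int(a)
    return ipaddress.IPv4Address((n >> V4_SHIFT) & 0xFFFFFFFF), n & IID_MASK

def replace_v4(addr, new_v4):
    """Swap the IPv4 part of a 6to4 address, keeping SLA and Interface ID."""
    n = int(ipaddress.IPv6Address(addr)) & ~(0xFFFFFFFF << V4_SHIFT)
    return ipaddress.IPv6Address(n | (int(ipaddress.IPv4Address(new_v4)) << V4_SHIFT))

class SixToFourAlg:
    """Hypothetical ALG; packets are modelled as address tuples only."""
    def __init__(self, public_v4):
        self.public_v4 = ipaddress.IPv4Address(public_v4)
        self.by_iid = {}           # Interface ID -> private IPv4 address

    def outbound(self, v4_src, v6_src):
        """Store the association, return (new IPv4 src, new 6to4 src)."""
        _, iid = split_6to4(v6_src)
        self.by_iid[iid] = ipaddress.IPv4Address(v4_src)
        return self.public_v4, replace_v4(v6_src, self.public_v4)

    def inbound(self, v6_dst):
        """Return (new IPv4 dst, new 6to4 dst), or None to drop."""
        v4, iid = split_6to4(v6_dst)
        private = self.by_iid.get(iid)
        if v4 != self.public_v4 or private is None:
            return None            # assumption of this example: unmatched packets are dropped
        return private, replace_v4(v6_dst, private)

if __name__ == "__main__":
    # Constructed sample: host 192.168.1.10 behind public address 203.0.113.5.
    alg = SixToFourAlg("203.0.113.5")
    print(alg.outbound("192.168.1.10", "2002:c0a8:010a:1:211:22ff:fe33:4455"))
    print(alg.inbound("2002:cb00:7105:1:211:22ff:fe33:4455"))
```

Because the table is keyed on the Interface ID alone, two internal hosts presenting the same Interface ID would overwrite each other's entry; the claims rely on the Interface ID being unique per host.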
November 13, 2003
August 13, 2013